Dark_Knight wrote:Good read. I like the Y-Approach so much so that I borrowed it on my blog

Dear Dark Knight, thank you very much for spreading the word! In my case, I've sat for many technical certifications in the past (+5 ago), but for the past couple of years I've taken all the Managerial/Compliance as I mentioned in the article (since that's what my current career position asks for). What I see happening to me now is that my technical knowledge got very rusty, therefore I'm planning to sit for one or 2 more technical certifications just to refresh my knowledge.

As I said, I've spent the past couple of years performing high level security assessments (ISO, PCI-DSS, COBIT, etc), audits and was happy withthat. Until a couple of days ago when I had an interviewer asking me to "give example of protocols sitting on the transport level"... That was a SHAME. I obviously didn't have the answer at the top of my mind, even though I was a network/firewall administrator for such a long time in my career.

I got so upset that I decided to write an article about the topic... I'll let you know

funny, i started the other way around. when i landed my security job, i immediately pursuit CISSP. i'm not saying it was the best idea, but i'm glad i did. another thing to keep in mind that could come in handy is this: